Packages changed: bcache-tools c-ares (1.16.1 -> 1.17.0) coreutils cpio cryptsetup dbus-1 dosfstools e2fsprogs filesystem fillup findutils fuse fuse3 gcc10 (10.2.1+git872 -> 10.2.1+git958) gpg2 (2.2.23 -> 2.2.25) gpgme (1.14.0 -> 1.15.0) grep (3.5 -> 3.6) gzip hwinfo (21.70 -> 21.71) ipset (7.6 -> 7.9) kbd kernel-default-base (5.9.8 -> 5.9.10) kernel-firmware (20201023 -> 20201120) kernel-source (5.9.8 -> 5.9.10) keyutils kubernetes1.18 kured (1.5.0 -> 1.5.1) libfido2 libksba (1.4.0 -> 1.5.0) libselinux libsepol libtirpc libxml2 lz4 (1.9.2 -> 1.9.3) mozilla-nss (3.57 -> 3.58) nvme-cli openssh pam (1.4.0 -> 1.5.0) patterns-microos perl python-attrs (20.2.0 -> 20.3.0) python-certifi (2020.6.20 -> 2020.11.8) python38 python38-core raspberrypi-firmware-dt salt sudo (1.9.2 -> 1.9.3p1) system-users systemd-default-settings (0.4 -> 0.5) tar toolbox (1.0+git20200831.d2d2e5d -> 1.0+git20201126.3d26283) u-boot-rpiarm64 vim (8.2.1975 -> 8.2.2039) yast2 (4.3.41 -> 4.3.44) zlib === Details === ==== bcache-tools ==== - Makefile: install bcache-status (jsc#SLE-9807, bsc#1178725) 0018-Makefile-install-bcache-status.patch - bcache-tools.spec: add '_sbindir/bcache-status' for the new added bcache-status python script (jsc#SLE-9807, bsc#1178725) ==== c-ares ==== Version update (1.16.1 -> 1.17.0) - add BR for pkg-config to get the provides in the devel package - ares_dns.h, missing_header.patch: re-add missing header in last release - Version update to 1.17.0 Security: * avoid read-heap-buffer-overflow in ares_parse_soa_reply found during fuzzing * Avoid theoretical buffer overflow in RC4 loop comparison * Empty hquery->name could lead to invalid memory access * ares_parse_{a,aaaa}_reply() could return a larger *naddrttls than was passed in (bsc#1178882, CVE-2020-8277) Changes: * Update help information for adig, acountry, and ahost * Test Suite now uses dynamic system-assigned ports rather than hardcoded ports to prevent failures in containers * Detect remote DNS server does not support EDNS using rules from RFC 6891 * Source tree has been reorganized to use a more modern layout * Allow parsing of CAA Resource Record Bug fixes: * readaddrinfo bad sizeof() * Test cases should honor HAVE_WRITEV flag, not depend on WIN32 * FQDN with trailing period should be queried first * ares_getaddrinfo() was returning members of the struct as garbage values if unset, and was not honoring ai_socktype and ai_protocol hints. * ares_gethostbyname() with AF_UNSPEC and an ip address would fail * Properly document ares_set_local_ip4() uses host byte order For details, see https://c-ares.haxx.se/changelog.html - add missing upstream sources, to be removed for next release - remove unnecessary BuildRequires - fix building on SLE12 systems ==== coreutils ==== - prepare usrmerge (boo#1029961) ==== cpio ==== - prepare usrmerge (boo#1029961) ==== cryptsetup ==== Subpackages: libcryptsetup12 - prepare usrmerge (boo#1029961) ==== dbus-1 ==== Subpackages: libdbus-1-3 - prepare usrmerge (boo#1029961) ==== dosfstools ==== - prepare usrmerge (boo#1029961) ==== e2fsprogs ==== Subpackages: libcom_err2 libext2fs2 - prepare usrmerge (boo#1029961) ==== filesystem ==== - /proc and /sys should be %ghost to allow filesystem package updates in rootless container environments (rh#1548403) ==== fillup ==== - prepare usrmerge (boo#1029961) ==== findutils ==== - prepare usrmerge (boo#1029961) ==== fuse ==== - prepare usrmerge (boo#1029961) ==== fuse3 ==== - Drop /sbin links; they do not seem to be used from anywhere. - Package "permission" is required in %post, not %pre. - Update descriptions. ==== gcc10 ==== Version update (10.2.1+git872 -> 10.2.1+git958) Subpackages: libgcc_s1 libgomp1 libstdc++6 - Add gcc10-amdgcn-llvm-as.patch to fix build of amdgcn offload compiler with llvm11. - Update to gcc-10 branch head (98ba03ffe0b9f37b4916ce6238), git958. * Includes fix for memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577] - Fix 32bit libgnat.so link. [bsc#1178675] ==== gpg2 ==== Version update (2.2.23 -> 2.2.25) - GnuPG 2.2.25: * scd: Fix regression in 2.2.24 requiring gpg --card-status before signing or decrypting * gpgsm: Using Libksba 1.5.0 signatures with a rarely used combination of attributes can now be verified - GnuPG 2.2.24: * gpg: New command --quick-revoke-sig * gpg: Do not use weak digest algos if selected by recipient preference during sign+encrypt * gpg: Switch to AES256 for symmetric encryption in de-vs mode * gpg: Silence weak digest warnings with --quiet * gpg: Print new status line CANCELED_BY_USER for a cancel during symmetric encryption * gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. This is in particular needed for keys created from existing smartcard based keys * agent: Fix secret key import of GnuPG 2.3 generated Ed25519 keys * agent: Keep some permissions of private-keys-v1.d * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and gnutls builds * dirmngr: Fix the pool keyserver case for a single host in the pool * scd: Fix the use case of verify_chv2 by CHECKPIN * scd: Various improvements to the ccid-driver * scd: Minor fixes for Yubikey * gpgconf: New option --show-versions * i18n: Complete overhaul and completion of the Italian translation ==== gpgme ==== Version update (1.14.0 -> 1.15.0) - gpgme 1.15.0: * New function gpgme_op_setexpire to make changing the expiration easier * New function gpgme_op_revsig to revoke key signatures * Support exporting secret keys * cpp: Support for set expire operations in the C++ bindings * cpp: Support for revoking key signatures in the C++ bindings * qt: Extended ChangeExpiryJob to support changing the expiry of subkeys * qt: Extended QuickJob to support revoking of key signatures * qt: Added QDebug stream operator for GpgME::Error. * Require libgpg-error 1.36 ==== grep ==== Version update (3.5 -> 3.6) - Update to grep 3.6 * The GREP_OPTIONS environment variable no longer affects grep's behavior. * grep's DFA matcher performed an invalid regex transformation that would convert an ERE like a+a+a+ to a+a+, which would make grep a+a+a+ mistakenly match "aa". * grep -P now reports the troublesome input filename upon PCRE execution failure. - werror-return-type.patch: work around gcc bug - prepare usrmerge (boo#1029961) ==== gzip ==== - prepare usrmerge (boo#1029961) ==== hwinfo ==== Version update (21.70 -> 21.71) - merge gh#openSUSE/hwinfo#89 - rework network device detection on aarch64 (bsc#1177600, bsc#1177261) - 21.71 ==== ipset ==== Version update (7.6 -> 7.9) Subpackages: libipset13 - Update to release 7.9 * Enable memory accounting for ipset allocations * Expose the initval hash parameter to userspace * Add bucketsize parameter to all hash types * Support the -exist flag with the destroy command ==== kbd ==== Subpackages: kbd-legacy - prepare usrmerge (boo#1029961) ==== kernel-default-base ==== Version update (5.9.8 -> 5.9.10) - Add wireguard (boo#1179225) ==== kernel-firmware ==== Version update (20201023 -> 20201120) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Fix build with older distros due to missing _firmwaredir - Update to version 20201120 (bc9cd0b7b0e9): including AMDGPU update (bsc#1179062) and ath11k addition (bsc#1178274) * linux-firmware: Update AMD SEV firmware * amdgpu: add sienna cichlid firmware for 20.45 * amdgpu: update vega20 firmware for 20.45 * amdgpu: update vega12 firmware for 20.45 * amdgpu: update vega10 firmware for 20.45 * amdgpu: update renoir firmware for 20.45 * amdgpu: update navi14 firmware for 20.45 * amdgpu: update navi12 firmware for 20.45 * amdgpu: update navi10 firmware for 20.45 * amdgpu: update raven2 firmware for 20.45 * amdgpu: update raven firmware for 20.45 * rtlwifi: v88.2 firmware files for RTL8192CU * rtw88: RTL8822C: Update firmware to v9.9.4 * Revert "rtw88: RTL8822C: Update firmware to v9.9.4" * vpdma: Move firmware to ti directory * amdgpu: update picasso VCN firmware * amdgpu: update raven2 VCN firmware * amdgpu: update raven VCN firmware * rtw88: RTL8822C: Update firmware to v9.9.4 * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099A_281A * QCA: Update Bluetooth firmware for QCA6390 * qcom : updated venus firmware files for v5.4 * QCA : Fixed BT SSR due to command timeout / IO fatal error * ath11k: QCA6390 hw2.0: add to WLAN.HST.1.0.1-01740-QCAHSTSWPLZ_V2_TO_X86-1 * ath11k: QCA6390 hw2.0: add board-2.bin * ath11k: IPQ8074 hw2.0: add to WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2 * ath11k: IPQ8074 hw2.0: add board-2.bin * ath11k: IPQ6018 hw1.0: add to WLAN.HK.2.1.0.1-01238-QCAHKSWPL_SILICONZ-2 * ath11k: IPQ6018 hw1.0: add board-2.bin * ath10k: QCA6174 hw3.0: add firmware-sdio-6.bin version WLAN.RMH.4.4.1-00077 * ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00131 * ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00131 * ath10k: QCA6174 hw3.0: update board-2.bin * ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00157-QCARMSWPZ-1 - ath11k is split into its own subpackage due to its size - Update topics list and aliases accordingly ==== kernel-source ==== Version update (5.9.8 -> 5.9.10) - rpm/kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - commit b7c3768 - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - commit d9b4c40 - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - commit f42c89a - Linux 5.9.10 (bsc#1012628). - ACPI: GED: fix -Wformat (bsc#1012628). - KVM: x86: clflushopt should be treated as a no-op by emulation (bsc#1012628). - perf/x86/intel/uncore: Fix Add BW copypasta (bsc#1012628). - powerpc/smp: Call rcu_cpu_starting() earlier (bsc#1012628). - selftests/harness: prettify SKIP message whitespace again (bsc#1012628). - can: proc: can_remove_proc(): silence remove_proc_entry warning (bsc#1012628). - mac80211: always wind down STA state (bsc#1012628). - Input: sunkbd - avoid use-after-free in teardown paths (bsc#1012628). - leds: lm3697: Fix out-of-bound access (bsc#1012628). - selftests/powerpc: entry flush test (bsc#1012628). - powerpc: Only include kup-radix.h for 64-bit Book3S (bsc#1012628). - powerpc/64s: flush L1D after user accesses (bsc#1012628). - powerpc/64s: flush L1D on kernel entry (bsc#1012628). - selftests/powerpc: rfi_flush: disable entry flush if present (bsc#1012628). - commit 18ece1c - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install - commit 13bd533 - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger - commit 21f8205 - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*\.x86_64.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly. - commit 8099b4b - RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (git-fixes). - arm64: kexec_file: Fix sparse warning (git-fixes). - commit f76e598 - Linux 5.9.9 (bsc#1012628). - drm/i915: Hold onto an explicit ref to i915_vma_work.pinned (bsc#1012628). - drm/i915/gem: Flush coherency domains on first set-domain-ioctl (bsc#1012628). - mm: memcg: link page counters to root if use_hierarchy is false (bsc#1012628). - nbd: don't update block size after device is started (bsc#1012628). - KVM: arm64: Force PTE mapping on fault resulting in a device mapping (bsc#1012628). - xfrm: interface: fix the priorities for ipip and ipv6 tunnels (bsc#1012628). - ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (bsc#1012628). - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (bsc#1012628). - hv_balloon: disable warning when floor reached (bsc#1012628). - net: xfrm: fix a race condition during allocing spi (bsc#1012628). - ASoC: codecs: wsa881x: add missing stream rates and format (bsc#1012628). - spi: imx: fix runtime pm support for !CONFIG_PM (bsc#1012628). - irqchip/sifive-plic: Fix broken irq_set_affinity() callback (bsc#1012628). - kunit: Fix kunit.py --raw_output option (bsc#1012628). - kunit: Don't fail test suites if one of them is empty (bsc#1012628). - usb: gadget: fsl: fix null pointer checking (bsc#1012628). - selftests: filter kselftest headers from command in lib.mk (bsc#1012628). - ASoC: codecs: wcd934x: Set digital gain range correctly (bsc#1012628). - ASoC: codecs: wcd9335: Set digital gain range correctly (bsc#1012628). - mtd: spi-nor: Fix address width on flash chips > 16MB (bsc#1012628). - xfs: set xefi_discard when creating a deferred agfl free log intent item (bsc#1012628). - mac80211: don't require VHT elements for HE on 2.4 GHz (bsc#1012628). - netfilter: nftables: fix netlink report logic in flowtable and genid (bsc#1012628). - netfilter: use actual socket sk rather than skb sk when routing harder (bsc#1012628). - netfilter: nf_tables: missing validation from the abort path (bsc#1012628). - netfilter: ipset: Update byte and packet counters regardless of whether they match (bsc#1012628). - irqchip/sifive-plic: Fix chip_data access within a hierarchy (bsc#1012628). - powerpc/eeh_cache: Fix a possible debugfs deadlock (bsc#1012628). - drm/vc4: bo: Add a managed action to cleanup the cache (bsc#1012628). - IB/srpt: Fix memory leak in srpt_add_one (bsc#1012628). - mm: memcontrol: correct the NR_ANON_THPS counter of hierarchical memcg (bsc#1012628). - drm/panfrost: rename error labels in device_init (bsc#1012628). - drm/panfrost: move devfreq_init()/fini() in device (bsc#1012628). - drm/panfrost: Fix module unload (bsc#1012628). - perf trace: Fix segfault when trying to trace events by cgroup (bsc#1012628). - perf tools: Add missing swap for ino_generation (bsc#1012628). - perf tools: Add missing swap for cgroup events (bsc#1012628). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (bsc#1012628). - iommu/vt-d: Fix sid not set issue in intel_svm_bind_gpasid() (bsc#1012628). - iommu/vt-d: Fix a bug for PDP check in prq_event_thread (bsc#1012628). - afs: Fix warning due to unadvanced marshalling pointer (bsc#1012628). - afs: Fix incorrect freeing of the ACL passed to the YFS ACL store op (bsc#1012628). - vfio/pci: Implement ioeventfd thread handler for contended memory lock (bsc#1012628). - can: rx-offload: don't call kfree_skb() from IRQ context (bsc#1012628). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (bsc#1012628). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (bsc#1012628). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (bsc#1012628). - can: j1939: swap addr and pgn in the send example (bsc#1012628). - can: j1939: j1939_sk_bind(): return failure if netdev is down (bsc#1012628). - can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (bsc#1012628). - can: xilinx_can: handle failure cases of pm_runtime_get_sync (bsc#1012628). - can: peak_usb: add range checking in decode operations (bsc#1012628). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (bsc#1012628). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (bsc#1012628). - can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (bsc#1012628). - can: flexcan: flexcan_remove(): disable wakeup completely (bsc#1012628). - xfs: flush new eof page on truncate to avoid post-eof corruption (bsc#1012628). - xfs: fix missing CoW blocks writeback conversion retry (bsc#1012628). - xfs: fix scrub flagging rtinherit even if there is no rt device (bsc#1012628). - io_uring: ensure consistent view of original task ->mm from SQPOLL (bsc#1012628). - spi: fsl-dspi: fix wrong pointer in suspend/resume (bsc#1012628). - PCI: mvebu: Fix duplicate resource requests (bsc#1012628). - ceph: check session state after bumping session->s_seq (bsc#1012628). - selftests: core: use SKIP instead of XFAIL in close_range_test.c (bsc#1012628). - selftests: clone3: use SKIP instead of XFAIL (bsc#1012628). - selftests: binderfs: use SKIP instead of XFAIL (bsc#1012628). - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1012628). - kbuild: explicitly specify the build id style (bsc#1012628). - RISC-V: Fix the VDSO symbol generaton for binutils-2.35+ (bsc#1012628). - USB: apple-mfi-fastcharge: fix reference leak in apple_mfi_fc_set_property (bsc#1012628). - tpm: efi: Don't create binary_bios_measurements file for an empty log (bsc#1012628). - KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't return SMCCC_RET_NOT_REQUIRED (bsc#1012628). - ath9k_htc: Use appropriate rs_datalen type (bsc#1012628). - scsi: ufs: Fix missing brace warning for old compilers (bsc#1012628). - ASoC: mediatek: mt8183-da7219: fix DAPM paths for rt1015 (bsc#1012628). - ASoC: qcom: sdm845: set driver name correctly (bsc#1012628). - ASoC: cs42l51: manage mclk shutdown delay (bsc#1012628). - ASoC: SOF: loader: handle all SOF_IPC_EXT types (bsc#1012628). - usb: dwc3: pci: add support for the Intel Alder Lake-S (bsc#1012628). - opp: Reduce the size of critical section in _opp_table_kref_release() (bsc#1012628). - usb: gadget: goku_udc: fix potential crashes in probe (bsc#1012628). - usb: raw-gadget: fix memory leak in gadget_setup (bsc#1012628). - selftests/ftrace: check for do_sys_openat2 in user-memory test (bsc#1012628). - selftests: pidfd: fix compilation errors due to wait.h (bsc#1012628). - ALSA: hda: Separate runtime and system suspend (bsc#1012628). - ALSA: hda: Reinstate runtime_allow() for all hda controllers (bsc#1012628). - x86/boot/compressed/64: Introduce sev_status (bsc#1012628). - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (bsc#1012628). - gfs2: Add missing truncate_inode_pages_final for sd_aspace (bsc#1012628). - gfs2: check for live vs. read-only file system in gfs2_fitrim (bsc#1012628). - scsi: hpsa: Fix memory leak in hpsa_init_one() (bsc#1012628). - drm/amdgpu: perform srbm soft reset always on SDMA resume (bsc#1012628). - drm/amd/pm: correct the baco reset sequence for CI ASICs (bsc#1012628). - drm/amd/pm: perform SMC reset on suspend/hibernation (bsc#1012628). - drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running (bsc#1012628). - mac80211: fix use of skb payload instead of header (bsc#1012628). - cfg80211: initialize wdev data earlier (bsc#1012628). - cfg80211: regulatory: Fix inconsistent format argument (bsc#1012628). - wireguard: selftests: check that route_me_harder packets use the right sk (bsc#1012628). - tracing: Fix the checking of stackidx in __ftrace_trace_stack (bsc#1012628). - Revert "nvme-pci: remove last_sq_tail" (bsc#1012628). - ARC: [plat-hsdk] Remap CCMs super early in asm boot trampoline (bsc#1012628). - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1012628). - scsi: mpt3sas: Fix timeouts observed while reenabling IRQ (bsc#1012628). - nvme: introduce nvme_sync_io_queues (bsc#1012628). - nvme-rdma: avoid race between time out and tear down (bsc#1012628). - nvme-tcp: avoid race between time out and tear down (bsc#1012628). - nvme-rdma: avoid repeated request completion (bsc#1012628). - nvme-tcp: avoid repeated request completion (bsc#1012628). - iommu/amd: Increase interrupt remapping table limit to 512 entries (bsc#1012628). - s390/smp: move rcu_cpu_starting() earlier (bsc#1012628). - vfio: platform: fix reference leak in vfio_platform_open (bsc#1012628). - vfio/pci: Bypass IGD init in case of -ENODEV (bsc#1012628). - i2c: mediatek: move dma reset before i2c reset (bsc#1012628). - amd/amdgpu: Disable VCN DPG mode for Picasso (bsc#1012628). - iomap: clean up writeback state logic on writepage error (bsc#1012628). - selftests: proc: fix warning: _GNU_SOURCE redefined (bsc#1012628). - arm64: kexec_file: try more regions if loading segments fails (bsc#1012628). - riscv: Set text_offset correctly for M-Mode (bsc#1012628). - i2c: sh_mobile: implement atomic transfers (bsc#1012628). - i2c: designware: call i2c_dw_read_clear_intrbits_slave() once (bsc#1012628). - i2c: designware: slave should do WRITE_REQUESTED before WRITE_RECEIVED (bsc#1012628). - tpm_tis: Disable interrupts on ThinkPad T490s (bsc#1012628). - mfd: sprd: Add wakeup capability for PMIC IRQ (bsc#1012628). - pinctrl: intel: Fix 2 kOhm bias which is 833 Ohm (bsc#1012628). - pinctrl: intel: Set default bias in case no particular value given (bsc#1012628). - gpio: aspeed: fix ast2600 bank properties (bsc#1012628). - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template (bsc#1012628). - bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1012628). - libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1012628). - pinctrl: mcp23s08: Use full chunk of memory for regmap configuration (bsc#1012628). - pinctrl: aspeed: Fix GPI only function problem (bsc#1012628). - net/mlx5e: Fix modify header actions memory leak (bsc#1012628). - net/mlx5e: Protect encap route dev from concurrent release (bsc#1012628). - net/mlx5e: Use spin_lock_bh for async_icosq_lock (bsc#1012628). - net/mlx5: Fix deletion of duplicate rules (bsc#1012628). - net/mlx5: E-switch, Avoid extack error log for disabled vport (bsc#1012628). - net/mlx5e: Fix VXLAN synchronization after function reload (bsc#1012628). - net/mlx5e: Fix incorrect access of RCU-protected xdp_prog (bsc#1012628). - SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (bsc#1012628). - NFSD: Fix use-after-free warning when doing inter-server copy (bsc#1012628). - NFSD: fix missing refcount in nfsd4_copy by nfsd4_do_async_copy (bsc#1012628). - tools/bpftool: Fix attaching flow dissector (bsc#1012628). - bpf: Zero-fill re-used per-cpu map element (bsc#1012628). - r8169: fix potential skb double free in an error path (bsc#1012628). - r8169: disable hw csum for short packets on all chip versions (bsc#1012628). - pinctrl: qcom: Move clearing pending IRQ to .irq_request_resources callback (bsc#1012628). - pinctrl: qcom: sm8250: Specify PDC map (bsc#1012628). - nbd: fix a block_device refcount leak in nbd_release (bsc#1012628). - selftest: fix flower terse dump tests (bsc#1012628). - i40e: Fix MAC address setting for a VF via Host/VM (bsc#1012628). - igc: Fix returning wrong statistics (bsc#1012628). - lan743x: correctly handle chips with internal PHY (bsc#1012628). - net: phy: realtek: support paged operations on RTL8201CP (bsc#1012628). - xfs: fix flags argument to rmap lookup when converting shared file rmaps (bsc#1012628). - xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (bsc#1012628). - xfs: fix rmap key and record comparison functions (bsc#1012628). - xfs: fix brainos in the refcount scrubber's rmap fragment processor (bsc#1012628). - lan743x: fix "BUG: invalid wait context" when setting rx mode (bsc#1012628). - xfs: fix a missing unlock on error in xfs_fs_map_blocks (bsc#1012628). - of/address: Fix of_node memory leak in of_dma_is_coherent (bsc#1012628). - ch_ktls: Update cheksum information (bsc#1012628). - ch_ktls: tcb update fails sometimes (bsc#1012628). - cosa: Add missing kfree in error path of cosa_write (bsc#1012628). - hwmon: (applesmc) Re-work SMC comms (bsc#1012628). - NFS: Fix listxattr receive buffer size (bsc#1012628). - vrf: Fix fast path output packet handling with async Netfilter rules (bsc#1012628). - lan743x: fix use of uninitialized variable (bsc#1012628). - arm64/mm: Validate hotplug range before creating linear mapping (bsc#1012628). - kernel/watchdog: fix watchdog_allowed_mask not used warning (bsc#1012628). - mm: memcontrol: fix missing wakeup polling thread (bsc#1012628). - afs: Fix afs_write_end() when called with copied == 0 [ver #3] (bsc#1012628). - perf: Fix get_recursion_context() (bsc#1012628). - nvme: factor out a nvme_configure_metadata helper (bsc#1012628). - nvme: freeze the queue over ->lba_shift updates (bsc#1012628). - nvme: fix incorrect behavior when BLKROSET is called by the user (bsc#1012628). - perf: Simplify group_sched_in() (bsc#1012628). - perf: Fix event multiplexing for exclusive groups (bsc#1012628). - firmware: xilinx: fix out-of-bounds access (bsc#1012628). - erofs: fix setting up pcluster for temporary pages (bsc#1012628). - erofs: derive atime instead of leaving it empty (bsc#1012628). - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1012628). - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1012628). - btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch (bsc#1012628). - btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod (bsc#1012628). - btrfs: fix min reserved size calculation in merge_reloc_root (bsc#1012628). - btrfs: dev-replace: fail mount if we don't have replace item with target device (bsc#1012628). - KVM: arm64: Don't hide ID registers from userspace (bsc#1012628). - speakup: Fix var_id_t values and thus keymap (bsc#1012628). - speakup ttyio: Do not schedule() in ttyio_in_nowait (bsc#1012628). - speakup: Fix clearing selection in safe context (bsc#1012628). - thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (bsc#1012628). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (bsc#1012628). - uio: Fix use-after-free in uio_unregister_device() (bsc#1012628). - Revert "usb: musb: convert to devm_platform_ioremap_resource_byname" (bsc#1012628). - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (bsc#1012628). - usb: typec: ucsi: Report power supply changes (bsc#1012628). - xhci: hisilicon: fix refercence leak in xhci_histb_probe (bsc#1012628). - virtio: virtio_console: fix DMA memory allocation for rproc serial (bsc#1012628). - mei: protect mei_cl_mtu from null dereference (bsc#1012628). - futex: Don't enable IRQs unconditionally in put_pi_state() (bsc#1012628). - jbd2: fix up sparse warnings in checkpoint code (bsc#1012628). - bootconfig: Extend the magic check range to the preceding 3 bytes (bsc#1012628). - mm/compaction: count pages and stop correctly during page isolation (bsc#1012628). - mm/compaction: stop isolation if too many pages are isolated and we have pages to migrate (bsc#1012628). - mm/slub: fix panic in slab_alloc_node() (bsc#1012628). - mm/vmscan: fix NR_ISOLATED_FILE corruption on 64-bit (bsc#1012628). - mm/gup: use unpin_user_pages() in __gup_longterm_locked() (bsc#1012628). - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" (bsc#1012628). - reboot: fix overflow parsing reboot cpu number (bsc#1012628). - hugetlbfs: fix anon huge page migration race (bsc#1012628). - ocfs2: initialize ip_next_orphan (bsc#1012628). - hwmon: (amd_energy) modify the visibility of the counters (bsc#1012628). - selinux: Fix error return code in sel_ib_pkey_sid_slow() (bsc#1012628). - io_uring: round-up cq size before comparing with rounded sq size (bsc#1012628). - gpio: sifive: Fix SiFive gpio probe (bsc#1012628). - gpio: pcie-idio-24: Fix irq mask when masking (bsc#1012628). - gpio: pcie-idio-24: Fix IRQ Enable Register value (bsc#1012628). - gpio: pcie-idio-24: Enable PEX8311 interrupts (bsc#1012628). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (bsc#1012628). - mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (bsc#1012628). - don't dump the threads that had been already exiting when zapped (bsc#1012628). - drm/amd/display: Add missing pflip irq (bsc#1012628). - drm/i915: Correctly set SFC capability for video engines (bsc#1012628). - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (bsc#1012628). - NFSv4.2: fix failure to unregister shrinker (bsc#1012628). - pinctrl: amd: use higher precision for 512 RtcClk (bsc#1012628). - pinctrl: amd: fix incorrect way to disable debounce filter (bsc#1012628). - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" (bsc#1012628). - cpufreq: Introduce governor flags (bsc#1012628). - cpufreq: Introduce CPUFREQ_GOV_STRICT_TARGET (bsc#1012628). - cpufreq: Add strict_target to struct cpufreq_policy (bsc#1012628). - cpufreq: intel_pstate: Take CPUFREQ_GOV_STRICT_TARGET into account (bsc#1012628). - ethtool: netlink: add missing netdev_features_change() call (bsc#1012628). - IPv6: Set SIT tunnel hard_header_len to zero (bsc#1012628). - net/af_iucv: fix null pointer dereference on shutdown (bsc#1012628). - net: udp: fix IP header access and skb lookup on Fast/frag0 UDP GRO (bsc#1012628). - net: udp: fix UDP header access on Fast/frag0 UDP GRO (bsc#1012628). - net: Update window_clamp if SOCK_RCVBUF is set (bsc#1012628). - net/x25: Fix null-ptr-deref in x25_connect (bsc#1012628). - tipc: fix memory leak in tipc_topsrv_start() (bsc#1012628). - devlink: Avoid overwriting port attributes of registered port (bsc#1012628). - mptcp: provide rmem[0] limit (bsc#1012628). - tunnels: Fix off-by-one in lower MTU bounds for ICMP/ICMPv6 replies (bsc#1012628). - powerpc/603: Always fault when _PAGE_ACCESSED is not set (bsc#1012628). - null_blk: Fix scheduling in atomic with zoned mode (bsc#1012628). - perf scripting python: Avoid declaring function pointers with a visibility attribute (bsc#1012628). - coresight: etm: perf: Sink selection using sysfs is deprecated (bsc#1012628). - coresight: Fix uninitialised pointer bug in etm_setup_aux() (bsc#1012628). - Convert trailing spaces and periods in path components (bsc#1012628). - commit 21e5163 - PCI: Always enable ACS even if no ACS Capability (bsc#1178211). - commit a40af1e - loop: Fix occasional uevent drop (bsc#1177900). - block: add a return value to set_capacity_revalidate_and_notify (bsc#1177900). - commit 98395e1 - btrfs: qgroup: don't commit transaction when we already hold the handle (bsc#1178634). Update upstream status and take the upstream version. - commit 60a737e ==== keyutils ==== Subpackages: libkeyutils1 - prepare usrmerge (boo#1029961) ==== kubernetes1.18 ==== - Adding a conflict on kubernetes client common to ensure there are no leftovers after migration from SP1 to SP2 on SLE15. ==== kured ==== Version update (1.5.0 -> 1.5.1) - Update to version 1.5.1: * rename annotation-ttl to lock-ttl in all places, follow-up to #213 * Drain: allow pods grace period to terminate * Prepare 1.5.1 release * Add lint job * Make lint happier in pkg folder * Make lint happier * Remove prom-active-alerts * update docs following #210 * run 'go mod tidy' * Replaced --annotationTTL with --lockTTL and made it work correctly * Refactor drain/uncordon * Remove kubectl exception in container scanning * Bump prometheus * Use kubectl as library instead of calling from cli * fix: Follow DKL-DI-0004 guideline * feat: Add security scanning into CI * add missing quote - thanks Karan Arora for reporting * Bump helm chart version * Remove quote for parameter alert-filter-regexp * Release helper ==== libfido2 ==== Subpackages: libfido2-1 libfido2-udev - Add Conflicts: to supersede version 1.0.0. This is needed for a clean upgrade path on SLE. ==== libksba ==== Version update (1.4.0 -> 1.5.0) - libksba 1.5.0: * ksba_cms_identify now identifies OpenPGP keyblock content * Supports TR-03111 plain format ECDSA signature verification * Fixes a CMS signed data parser bug exhibited by a somewhat strange CMS message - remove deprecated texinfo macros and update signing keyring ==== libselinux ==== Subpackages: libselinux1 selinux-tools - install to /usr (boo#1029961) ==== libsepol ==== - install to /usr (boo#1029961) ==== libtirpc ==== Subpackages: libtirpc-netconfig libtirpc3 - install libraries to %{_libdir} (boo#1029961) ==== libxml2 ==== Subpackages: libxml2-2 libxml2-tools - Avoid quadratic checking of identity-constraints: [bsc#1178823] * key/unique/keyref schema attributes currently use qudratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. - Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch ==== lz4 ==== Version update (1.9.2 -> 1.9.3) - Update to release 1.9.3 * api: LZ4_decompress_safe_partial() now supports unknown compressed size * api: improved LZ4F_compressBound() with automatic flushing * cli: multiple files are compressed now using the legacy format ==== mozilla-nss ==== Version update (3.57 -> 3.58) - update to NSS 3.58 Bugs fixed: * bmo#1641480 (CVE-2020-25648) Tighten CCS handling for middlebox compatibility mode. * bmo#1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello (draft-ietf-tls-esni). * bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto extensions. * bmo#1668328 - Handle spaces in the Python path name when using gyp on Windows. * bmo#1667153 - Add PK11_ImportDataKey for data object import. * bmo#1665715 - Pass the embedded SCT list extension (if present) to TrustDomain::CheckRevocation instead of the notBefore value. ==== nvme-cli ==== - Drop '-f' option with %service_del_postun This option shouldn't be needed besides very few special cases. But this package doesn't seem to belong to this category. ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Fix build breakage caused by missing security key objects: + Modify openssh-7.7p1-cavstest-ctr.patch. + Modify openssh-7.7p1-cavstest-kdf.patch. + Add openssh-link-with-sk.patch. - Add openssh-fips-ensure-approved-moduli.patch (bsc#1177939). This ensures only approved DH parameters are used in FIPS mode. - Add openssh-8.1p1-ed25519-use-openssl-rng.patch (bsc#1173799). This uses OpenSSL's RAND_bytes() directly instead of the internal ChaCha20-based implementation to obtain random bytes for Ed25519 curve computations. This is required for FIPS compliance. ==== pam ==== Version update (1.4.0 -> 1.5.0) - Update to 1.5.0 - obsoletes pam-bsc1178727-initialize-daysleft.patch - Multiple minor bug fixes, portability fixes, and documentation improvements. - Extended libpam API with pam_modutil_check_user_in_passwd function. - pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660. - pam_motd: read motd files with target user credentials skipping unreadable ones. - pam_pwhistory: added a SELinux helper executable. - pam_unix, pam_usertype: implemented avoidance of certain timing attacks. - pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails. - pam_env: Reading of the user environment is deprecated and will be removed at some point in the future. - libpam: pam_modutil_drop_priv() now correctly sets the target user's supplementary groups, allowing pam_motd to filter messages accordingly - Refresh pam-xauth_ownership.patch - pam_tally2-removal.patch: Re-add pam_tally2 for deprecated sub-package - pam_cracklib-removal.patch: Re-add pam_cracklib for deprecated sub-package - pam_cracklib: added code to check whether the password contains a substring of of the user's name of at least characters length in some form. This is enabled by the new parameter "usersubstr=" See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4 [jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch] - pam_xauth.c: do not free() a string which has been (successfully) passed to putenv(). [bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch] - Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft" to avoid spurious (and misleading) Warning: your password will expire in ... days. fixed upstream with commit db6b293046a [bsc#1178727, pam-bsc1178727-initialize-daysleft.patch] - Enable pam_faillock [bnc#1171562] - /usr/bin/xauth chokes on the old user's $HOME being on an NFS file system. Run /usr/bin/xauth using the old user's uid/gid Patch courtesy of Dr. Werner Fink. [bsc#1174593, pam-xauth_ownership.patch] - pam-login_defs-check.sh: Fix the regexp to get a real variable list (boo#1164274). - Revert the previous change [SR#815713]. The group is not necessary for PAM functionality but used only during testing. The test system should therefore create this group. [bsc#1171016, pam.spec] - Add requirement for group "wheel" to spec file. [bsc#1171016, pam.spec] ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Add udisks2 and upower to the Plasma desktop pattern - GNOME: encrypt/decript files from Nautilus * we need both the extension and the package providing /usr/bin/seahorse-daemon * Seahorse, the app, is _not_ installed as it's available on flathub - GNOME pattern package changes: * drop file roller RPM as there is org.gnome.FileRoller * add some packages that I've (as well as most users that have tried MicroOS desktop recently) found useful during initial setup * while there, update a comment about using Requires vs. Recommends ==== perl ==== - Correct perl license According to https://dev.perl.org/licenses/ perl is licensed under the artistic license or the GPL 1.0 or later ==== python-attrs ==== Version update (20.2.0 -> 20.3.0) - update to 20.3.0: - ``attr.define()``, ``attr.frozen()``, ``attr.mutable()``, and ``attr.field()`` remain **provisional**. ==== python-certifi ==== Version update (2020.6.20 -> 2020.11.8) - update to 2020.11.8: * Python 3.8+ support - Add two-basic-unit-tests.patch which includes two at least simple test patches (gh#certifi/python-certifi#137). ==== python38 ==== - The Python stdlib >= does not provide importlib_metadata or importlib_resources but importlib.metadata and importlib.resources. If a package specifically asks for importlib_*, they actually require the dedicated package with extended API. ==== python38-core ==== Subpackages: libpython3_8-1_0 python38-base - The Python stdlib >= does not provide importlib_metadata or importlib_resources but importlib.metadata and importlib.resources. If a package specifically asks for importlib_*, they actually require the dedicated package with extended API. ==== raspberrypi-firmware-dt ==== - Introduce upstream-overlay-rpi-poe.patch to adapt the overlay to our driver (jsc#SLE-16543) ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration - Fix syntax error on pkgrepo state with Python 2.7 - transactional_update: unify with chroot.call - Added: * pkgrepo-support-python-2.7-function-call-295.patch * transactional_update-unify-with-chroot.call.patch - Add "migrated" state and GPG key management functions - Added: * add-migrated-state-and-gpg-key-management-functions-.patch - Master can read grains - Added: * grains-master-can-read-grains.patch - Fix for broken psutil (bsc#1102248) - Added: * fix-for-bsc-1102248-psutil-is-broken-and-so-process-.patch ==== sudo ==== Version update (1.9.2 -> 1.9.3p1) - Update to 1.9.3p1 * Fixed a regression introduced in sudo 1.9.3 where the configure script would not detect the crypt(3) function if it was present in the C library, not an additional library. * Fixed a regression introduced in sudo 1.8.23 with shadow passwd file authentication on OpenBSD. BSD authentication was not affected. * Sudo now logs when a user-specified command-line option is rejected by a sudoers rule. Previously, these conditions were written to the audit log, but the default sudo log file. Affected command line arguments include -C (--close-from), -D (--chdir), - R (--chroot), -g (--group) and -u (--user). - News in 1.9.3 * Fixed building the Python plugin on systems with a compiler that doesn't support symbol hiding. * Sudo now uses a linker script to hide symbols even when the compiler has native symbol hiding support. This should make it easier to detect omissions in the symbol exports file, regardless of the platform. * Fixed the libssl dependency in Debian packages for older releases that use libssl1.0.0. * Sudo and visudo now provide more detailed messages when a syntax error is detected in sudoers. The offending line and token are now displayed. If the parser was generated by GNU bison, additional information about what token was expected is also displayed. Bug #841. * Sudoers rules must now end in either a newline or the end-of-file. Previously, it was possible to have multiple rules on a single line, separated by white space. The use of an end-of-line terminator makes it possible to display accurate error messages. * Sudo no longer refuses to run if a syntax error in the sudoers file is encountered. The entry with the syntax error will be discarded and sudo will continue to parse the file. This makes recovery from a syntax error less painful on systems where sudo is the primary method of superuser access. The historic behavior can be restored by add "error_recovery=false" to the sudoers plugin's optional arguments in sudo.conf. Bug #618. * Fixed the sample_approval plugin's symbol exports file for systems where the compiler doesn't support symbol hiding. * Fixed a regression introduced in sudo 1.9.1 where arguments to the "sudoers_policy" plugin in sudo.conf were not being applied. The sudoers file is now parsed by the "sudoers_audit" plugin, which is loaded implicitly when "sudoers_policy" is listed in sudo.conf. Starting with sudo 1.9.3, if there are plugin arguments for "sudoers_policy" but "sudoers_audit" is not listed, those arguments will be applied to "sudoers_audit" instead. * The user's resource limits are now passed to sudo plugins in the user_info[] list. A plugin cannot determine the limits itself because sudo changes the limits while it runs to prevent resource starvation. * It is now possible to set the working directory or change the root directory on a per-command basis using the CWD and CHROOT options. There are also new Defaults settings, runchroot and runcwd, that can be used to set the working directory or root directory on a more global basis. * New -D (--chdir) and -R (--chroot) command line options can be used to set the working directory or root directory if the sudoers file allows it. This functionality is not enabled by default and must be explicitly enabled in the sudoers file. - add sudo-1.9.3p1-pam_xauth.patch to stay setuid until just before executing the command. Fixes a problem with pam_xauth which checks effective and real uids to get the real identity of the user [bsc#1174593] ==== system-users ==== Subpackages: system-group-hardware system-user-nobody - Add qemu user to kvm group - Add system account and groups for kvm, qemu, and libvirt (jsc#SLE-11629) New files: system-group-kvm.conf, system-group-libvirt.conf, system-user-qemu.conf ==== systemd-default-settings ==== Version update (0.4 -> 0.5) Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE - Issue a daemon-reload in %post of the main package - Import 0.5 0c5e241 SLE: turn off RemoveIPC by default for logind (fate#320125) cb6914f SLE: restore ProtectHostname=no for udevd (bsc#1178374) 7e332a6 Add a header in all each drop-ins 465e1c7 Makefile: simplify 'archive' target ==== tar ==== - prepare usrmerge (boo#1029961) ==== toolbox ==== Version update (1.0+git20200831.d2d2e5d -> 1.0+git20201126.3d26283) - Update to version 1.0+git20201126.3d26283: * Make it easier to use custom images (#10) * Update toolbox doc (#9) ==== u-boot-rpiarm64 ==== Subpackages: u-boot-rpiarm64-doc - Added u-boot tools binaries to tools package - Add pinebook-pro-rk3399 support ==== vim ==== Version update (8.2.1975 -> 8.2.2039) Subpackages: vim-data-common vim-small - Updated to version 8.2.2039, fixes the following problems * Cannot backspace in prompt buffer after using cursor-left. (Maxim Kim) * Vim9: error for using a string in a condition is confusing. * Making a mapping work in all modes is complicated. * "term_opencmd" option of term_start() is truncated. (Sergey Vlasov) * Vim9: some tests are not done at the script level. * MinGW: parallel compilation might fail. * Quickfix window not updated when adding invalid entries. * ml_get error when using to open a terminal. * Cannot use :vimgrep in omni completion, causing C completion to fail. * Crash when closing terminal popup with mapping. * Expression test is flaky on Appveyor. * Still in Insert mode when opening terminal popup with a mapping in Insert mode. * Info popup triggers WinEnter and WinLeave autocommands. * Cursor position wrong in terminal popup with finished job. * Coverity warns for not using the ga_grow() return value. * Build fails with small features. * Occasional failure of the netbeans test. * The popup menu can cause too much redrawing. * Vim9: invalid error for argument of extend(). * Window changes when using bufload() while in a terminal popup. * Terminal Cmd test sometimes fails to close popup. * Terminal popup test sometimes fails. * Vim9: dict.key assignment not implemented yet. * Vim9: :def function does not apply 'maxfuncdepth'. * Vim9: lambda argument shadowed by function name. * Build error with +conceal but without +popupwin. * Compiler warning for uninitialized variable. * Redoing a mapping with doesn't work properly. * .pbtxt files are not recognized. * Test for insert mode in popup is not reliable. * Vim9: compiling fails for unreachable return statement. * "syn sync" reports a very large number. * Vim9: confusing error message when using bool wrongly. * Vim9: not skipping white space after unary minus. * Using CTRL-O in a prompt buffer moves cursor to start of the line. * Vim9: literal dict #{} is not like any other language. * Swap file test is a little flaky. * Missing part of the dict change. * Vim9: script variable not found from lambda. * Swap file test fails on MS-Windows. * Some compilers do not like the "namespace" argument. * Vim9: get E1099 when autocommand resets did_emsg. * Vim9: star command recognized errornously. * Vim: memory leak when :execute fails. * Flicker when redrawing a popup with a title and border. * Amiga: Not all colors are used on OS4. * Coverity warns for possibly using not NUL terminated string. * Coverity warns for uninitialized field. * Coverity warns for using an uninitialized variable. * Coverity warns for not checking return value. * Some tests fail on Mac. * Some tests fail when run under valgrind. * Cabalconfig and cabalproject filetypes not recognized. * Vim9: :def without argument gives compilation error. * Vim9: list unpack in for statement not compiled yet. * Current buffer is messed up if creating a new buffer for the quickfix window fails. * Compiler test depends on list of compiler plugins. * Viminfo is not written when creating a new file. ==== yast2 ==== Version update (4.3.41 -> 4.3.44) - prepare usrmerge: install legacy symlinks via spec file only (boo#1029961) - CWM ComboBox: an editable ComboBox will not alter the list of items when the current value is not part of the list as it uses the original list which could be already modified (bsc#1177137) - 4.3.43 - CWM ComboBox: reverted the addition of the current_items method (bsc#1177137) - 4.3.42 ==== zlib ==== - Fix hw compression on z15 bsc#1176201 - Add zlib-s390x-z15-fix-hw-compression.patch